Skip to content

The Best of GRC Thought Leadership

Enjoy the latest in risk and compliance thought
leadership from the team at 6clicks.

Latest Posts

ISO 27001 2022 - what has changed?

The latest version, ISO 27001 2022 was released on October 25. It replaces the 2013 version of ISO 27001. Let’s find out what the key changes are and how the latest revision to..

Read More

6 cybersecurity frameworks for improving cyber health

Cybersecurity frameworks are a vital tool for organizations looking to improve their cyber health. A cybersecurity framework provides a set of guidelines and best practices for..

Read More

Setting the information security policy for ISO 27001

Setting the information security policy for ISO 27001

The Information Security policy is an important and mandatory document for ISO 27001 implementation. Several organisations struggle with creating a useful information security..

Read More

Responsibilities of top management for ISO 27001 implementation

Responsibilities of top management for ISO 27001 implementation

One of the reasons why ISO implementation fails in some organisations is because the top management does not understand why the implementation is necessary and how exactly it..

Read More

How Long Should Your Information Security Policy Be?

How long should your Information Security policy be?

An Information Security Policy is at the centre of the information security program at an organization. It is also an important requirement for ISO 20071 certification.

Read More

Statement of Applicability in ISO 27001 – What is it and Why Does it Matter?

Statement of applicability in ISO 27001 – What is it and why does it matter?

The Statement of Applicability (SOA) is an important document in ISO 27001. But it’s not just the auditor who would want to see the SOA. It can be asked for by any stakeholder who..

Read More

The Best Way to Define the Scope in ISO 27001

The best way to define the scope in ISO 27001

Defining the ‘scope’ for ISMS (Information Security Management System) is one of the most important and basic requirements for implementing the ISO 27001 standard. While it looks..

Read More

Responding to Australia's New Critical Infrastructure Laws

Responding to Australia's new critical infrastructure laws

Australia's critical infrastructure laws have been expanded and updated to apply to more sectors. Are you operating a critical asset within one of these critical infrastructure..

Read More

9 Steps to Prepare for Your First ISO 27001 Audit

9 steps to prepare for your first ISO 27001 audit

ISO 27001 Overview ISO 27001 is an information security standard created and regulated by the International Organisation for Standardisation (ISO). As it isn’t a legally mandated..

Read More